Security Controls Assessor – Journeyman

Job not on LinkedIn

🔥 1 minute ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Avint

Avint

11 - 50 employees

🔒 Cybersecurity

🏛️ Government

📋 Compliance

Cybersecurity • Government • Compliance

Avint is a cybersecurity consulting firm that specializes in delivering transformational solutions to defense, intelligence, and national security sectors. Founded by a leader in the cybersecurity industry, Avint offers innovative, intuitive cybersecurity services to federal agencies and commercial organizations, helping them secure their systems against cyber threats. The company is woman-owned and service-disabled veteran-owned, with a team of expert cybersecurity practitioners, including cyber engineers, data scientists, and strategists. Avint focuses on building, sustaining, and optimizing cybersecurity solutions for critical infrastructures, offering services from strategy and operations to compliance validation and management consulting.

📋 Description

• Conduct security control assessments of information systems using interview, examination, and testing methods • Verify compliance with established frameworks such as NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational requirements • Analyze system architectures, network diagrams, configuration settings, and policies to identify vulnerabilities and compliance gaps • Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing reports to validate the implementation of technical controls • Document detailed testing results and draft sections of the Security Assessment Report (SAR), ensuring clear explanations of non-compliant findings • Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms • Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies • Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy • Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques • Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle • Participate in the development and refinement of enterprise information security policies, standards, and guidelines

🎯 Requirements

• Bachelor’s degree (BS/BA) OR equivalent professional experience • Security+ or higher • Minimum of 6-8 years of dedicated experience in cybersecurity, information assurance, or IT auditing • At least six (6) years of dedicated experience performing hands-on security controls assessments of systems of moderate complexity (C2 & C3) with capability of supporting C4 assessments • Must be a U.S. citizen (no dual citizenship) • Ability to pass a background investigation • Able to obtain and maintain DHS Suitability/Entry on Duty (EOD) • Strong attention to detail and organized documentation habits • Good analytical and troubleshooting abilities • Professional verbal and written communication skills, with an ability to collaborate effectively across technical boundaries.

🏖️ Benefits

• competitive salaries • full health insurance • generous time off • observation of federal holidays • reimbursement for courses, exams, and tuition • investment in employee professional development

Apply Now

Similar Jobs

🔥 9 minutes ago

VivSoft

51 - 200

🏛️ Government

🤖 Artificial Intelligence

🏢 Enterprise

Cybersecurity Engineer managing security solutions in a remote role for VivSoft Technologies. Focus on DoD compliance and security architectures for government systems.

🔥 1 hour ago

AbbVie

10,000+ employees

💊 Pharmaceuticals

🧬 Biotechnology

⚕️ Healthcare Insurance

Cybersecurity Architect responsible for security systems across AbbVie's infrastructure environment. Collaborating with Information Security team on mitigating threats and enhancing security measures.

🔥 1 hour ago

Authentic8

51 - 200

🔒 Cybersecurity

📋 Compliance

🏛️ Government

Red Team Engineer leading the development of AI-augmented red teaming tools at Authentic8. Engaging in vulnerability discovery and security stage-gate oversight in CI/CD efforts.

🔥 3 hours ago

Cisco

10,000+ employees

🔧 Hardware

🔐 Security

🏢 Enterprise

Security Engineer managing application-level monitoring and incident response in US Government classified environments. Collaborating with teams to evolve security tools in a hybrid world.

🔥 4 hours ago

Interface Systems

501 - 1000

🔐 Security

☁️ SaaS

📡 Telecommunications

National Account Executive proposing and advancing sales of managed Access Control and Alarm monitoring solutions. Seeking to enhance security and connectivity for large, multi-site U.S. businesses.